Web Tools is a toolkit that I started developing after I realized there was an utter lack of security and analysis tools for the Windows operating system. I decided instead of writing one-off scripts to perform tasks, I would start compiling a set of tools that can be used together. There are currently two tools in the Web Tools toolkit, Web Link and Fuzzy Link.

Web Link
Web Link is a tool that scans a given domain and searches through all links embedded in pages and resources for additional links. The tool takes this information and compiles a live site map of all links that it was able to discover. This is handy for finding things such as exposed APIs, dead links, or additional pages that were previously unknown.  Using its Deep Scan option, the application will also scan resource files including CSS, JS, SASS, TXT, etc for any additional embedded links that it can analyze. Using its recursive mode, it will keep iterating over the entire domain (only the domain originally specified) analyzing any new links and repeating the process.

Fuzzy Link
Fuzzy Link was created shortly after creating Web Link. On my personal website, I found that an API URL was exposed and I wanted to attempt fuzzing it to see what I could get it to produce. This tool is intended to work alongside Web Link to further analyze pages found and potentially reveal vulnerabilities/problems with GET parameter fed pages. Fuzzy Link uses a word list that the user can specify and will attempt to try all words in the word list against the fuzzed URL. It will keep track of the headers, response size, response codes, as well as the full response for further inspection.

If you’d like to look at it or get a copy, check out the repository on my GitHub!